Bugtraq mailing list archives
Re: MDKSA-2000:065 - Linux-Mandrake not affected by dump
From: Adam Knight <ahknight () JUMP NET>
Date: Thu, 2 Nov 2000 18:01:54 -0600
You know, I tried this on Redhat 6.2, two different installs, and got the result they're saying here. Perhaps this is only on *some* Redhat installs? Anyone have an idea as to what would cause this to fail/succeed? My copy is certainly SUID root, but the binary it made was SUID me. On Thu, 2 Nov 2000, Linux Mandrake Security Team wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: dump Date: November 2nd, 2000 Advisory ID: MDKSA-2000:065 Affected versions: None ________________________________________________________________________ Problem Description: In some instances, if dump is suid root, it can be used to gain root access. Two exploits have been published to prove this. ________________________________________________________________________ Linux-Mandrake ships dump suid root, however both exploits do not work under Linux-Mandrake. The end result is a shell that is suid by the user attempting the exploit, and not suid root which is the intended result. ________________________________________________________________________
-- ____________________________________________________________________________ Adam Knight ahknight () jump net MIS Developer http://www.jump.net ______________________________Codito, ergo sum______________________________ Allen's Axiom: When all else fails, read the instructions.
Current thread:
- MDKSA-2000:065 - Linux-Mandrake not affected by dump Linux Mandrake Security Team (Nov 03)
- Re: MDKSA-2000:065 - Linux-Mandrake not affected by dump Adam Knight (Nov 04)
- Re: MDKSA-2000:065 - Linux-Mandrake not affected by dump Fernando Schapachnik (Nov 05)